﻿using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;

namespace ITMAN.Klassen
{
    public static class LoginInformations
    {
        public static string username;
    }

    class CL_login
    {
        // private Methoden
        private SqlConnection get_DB_connection()
        {
            SqlConnection connector = new SqlConnection();
            connector.ConnectionString = "Data Source=" + config.Default.SQLserver + ";" +
                                            "Initial Catalog= " + config.Default.SQLdatabase + ";" +
                                            "User ID=" + config.Default.SQLusername + ";" +
                                            "Password=" + config.Default.SQLpw + "";
            return connector;
        }
        // öffentliche Methoden
        public void create_useraccount(string username, string passwort, string email)
        {
            try
            {
                string MD5_passwort = GetMD5Hash(passwort);
                SqlConnection connector = get_DB_connection();
                string SQL_insert = "INSERT INTO [" + config.Default.SQLdatabase + "].[dbo].[TBL_user] ([username],[password],[email])" +
                                    "VALUES ('" + username + "','" + MD5_passwort + "','" + email + "');";
                SqlCommand command = new SqlCommand(SQL_insert, connector);
                connector.Open();
                command.ExecuteNonQuery();
                connector.Close();
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message);
            }
        }

        public bool user_login(string username, string pw)
        {

            bool result = false;
            string password_md5 = GetMD5Hash(pw);
            string query_password = "";
            int counter = 0;
            SqlConnection connector = new SqlConnection();
            connector.ConnectionString = "Data Source=" + config.Default.SQLserver + ";" +
                                            "Initial Catalog= " + config.Default.SQLdatabase + ";" +
                                            "User ID=" + config.Default.SQLusername + ";" +
                                            "Password=" + config.Default.SQLpw + "";
            string SQL_query = "SELECT [password] FROM TBL_user WHERE [username]like @user";
            SqlCommand command = new SqlCommand(SQL_query, connector);
            command.Parameters.AddWithValue("@user", username);
            try
            {
                connector.Open();
                SqlDataReader reader = command.ExecuteReader();
                while (reader.Read())
                {
                    counter++;
                    query_password = reader[0].ToString();
                }
                reader.Close();
                connector.Close();
                if (counter < 1)
                {
                    result = false;
                }
                else
                {
                    if (password_md5 == query_password)
                    {
                        result = true;
                        LoginInformations.username = username;
                    }
                }
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message);
            }

            return result;
        }

        // Text to MD5
        // http://dotnet-snippets.de/snippet/gibt-den-md5-hash-eines-stings-als-string-zurueck/18
        public string GetMD5Hash(string TextToHash)
        {
            //Prüfen ob Daten übergeben wurden.
            if (string.IsNullOrEmpty(TextToHash))
            {
                return string.Empty;
            }

            //MD5 Hash aus dem String berechnen. Dazu muss der string in ein Byte[]
            //zerlegt werden. Danach muss das Resultat wieder zurück in ein string.
            MD5 md5 = new MD5CryptoServiceProvider();
            byte[] textToHash = Encoding.Default.GetBytes(TextToHash);
            byte[] result = md5.ComputeHash(textToHash);

            return System.BitConverter.ToString(result);
        } 
    }
}
